package morpho.etis.android.sdk.deviceauthenticator.client;

import android.content.Context;
import android.os.Build;
import android.util.Base64;
import com.google.common.base.Charsets;
import com.google.common.base.Preconditions;
import java.util.Arrays;
import morpho.etis.android.sdk.deviceauthenticator.client.State;
import morpho.etis.android.sdk.deviceauthenticator.client.external.DataCollector;
import morpho.etis.android.sdk.deviceauthenticator.client.utils.Configuration;
import morpho.etis.android.sdk.deviceauthenticator.client.utils.SP800SecureRandomHelper;
import morpho.etis.android.sdk.deviceauthenticator.client.utils.Utils;
import morpho.etis.deviceauthenticator.exceptions.DeviceAuthenticatorException;
import morpho.etis.deviceauthenticator.interfaces.client.DeviceRegistration;
import morpho.etis.deviceauthenticator.messages.DeviceRegistrationKeygenRequest;
import morpho.etis.deviceauthenticator.messages.DeviceRegistrationKeygenResponse;
import morpho.etis.deviceauthenticator.messages.DeviceRegistrationRequest;
import morpho.etis.deviceauthenticator.messages.DeviceRegistrationResponse;

/* loaded from: classes4.dex */
public class DeviceRegistrationImpl extends BaseDeviceAuthenticator implements DeviceRegistration {
    public DeviceRegistrationImpl(Context context, String str) throws DeviceAuthenticatorException {
        this(context, str, null);
    }

    public DeviceRegistrationImpl(Context context, String str, String str2) throws DeviceAuthenticatorException {
        this(context, str, str2, false, false);
    }

    public DeviceRegistrationImpl(Context context, String str, String str2, boolean z, boolean z2) throws DeviceAuthenticatorException {
        super(context, str, str2, z, z2, true);
        DataCollector dataCollector = new DataCollector(context);
        if (Build.VERSION.SDK_INT >= 26) {
            Utils.putPref("envDataModel", "2.0", context, this.storageId);
            this.deviceStaticId = dataCollector.retrieveDeviceStaticIdV2();
            this.deviceEnvironmentData = dataCollector.retrieveDeviceEnvironmentDataV2();
        } else {
            Utils.putPref("envDataModel", "1.0", context, this.storageId);
            this.deviceStaticId = dataCollector.retrieveDeviceStaticId(false);
            this.deviceEnvironmentData = dataCollector.retrieveDeviceEnvironmentData(false);
        }
        this.cryptoManager.init(true);
        this.storageManager.init(true);
        Utils.putPref("deviceEnvironmentData", null, context, this.storageId);
        Utils.putPref("keyId", null, context, this.storageId);
    }

    public DeviceRegistrationImpl(Context context, String str, boolean z, boolean z2) throws DeviceAuthenticatorException {
        this(context, str, null, z, z2);
    }

    public static void check(DeviceRegistrationKeygenResponse deviceRegistrationKeygenResponse) throws DeviceAuthenticatorException {
        try {
            Preconditions.checkNotNull(deviceRegistrationKeygenResponse.getServerRandom(), "serverRandom");
            boolean z = true;
            Preconditions.checkArgument(deviceRegistrationKeygenResponse.getServerRandom().length >= 32, "serverRandom length too small");
            Preconditions.checkNotNull(deviceRegistrationKeygenResponse.getServerCertificate(), "serverCertificate");
            Preconditions.checkNotNull(deviceRegistrationKeygenResponse.getSignature(), "signature");
            if (deviceRegistrationKeygenResponse.getSignature().length != 256) {
                z = false;
            }
            Preconditions.checkArgument(z, "signature length invalid");
        } catch (Exception e) {
            Utils.handleException("Invalid response", e);
        }
    }

    public static void check(DeviceRegistrationResponse deviceRegistrationResponse) throws DeviceAuthenticatorException {
        try {
            Preconditions.checkNotNull(deviceRegistrationResponse.getEncryptedDeviceEnvironmentDataSignature(), "encryptedDeviceEnvironmentDataSignature");
            boolean z = true;
            Preconditions.checkArgument(deviceRegistrationResponse.getEncryptedDeviceEnvironmentDataSignature().length >= 256, "deviceEnvironmentDataSignature length invalid");
            Preconditions.checkNotNull(deviceRegistrationResponse.getEncryptedDeviceToken(), "encryptedDeviceToken");
            Preconditions.checkArgument(deviceRegistrationResponse.getEncryptedDeviceToken().length >= 64, "encryptedDeviceToken length too small");
            if (Arrays.equals(deviceRegistrationResponse.getEncryptedDeviceEnvironmentDataSignature(), deviceRegistrationResponse.getEncryptedDeviceToken())) {
                z = false;
            }
            Preconditions.checkArgument(z, "deviceEnvironmentDataSignature cannot be equal to encryptedDeviceToken");
        } catch (Exception e) {
            Utils.handleException("Invalid response", e);
        }
    }

    @Override // morpho.etis.deviceauthenticator.interfaces.client.DeviceRegistration
    public void finish(DeviceRegistrationResponse deviceRegistrationResponse) throws DeviceAuthenticatorException {
        this.state.check(State.Value.FINISH);
        check(deviceRegistrationResponse);
        byte[] verifyMacAndDecrypt = this.cryptoManager.verifyMacAndDecrypt(deviceRegistrationResponse.getEncryptedDeviceToken(), Configuration.LABEL_DEVICE_TOKEN);
        if (verifyMacAndDecrypt.length < 32) {
            throw new DeviceAuthenticatorException("deviceToken length too small");
        }
        this.storageManager.setDeviceToken(verifyMacAndDecrypt);
        byte[] verifyMacAndDecrypt2 = this.cryptoManager.verifyMacAndDecrypt(deviceRegistrationResponse.getEncryptedDeviceEnvironmentDataSignature(), Configuration.LABEL_DEVICE_ENVIRONMENT_DATA_SIGNATURE);
        if (!this.cryptoManager.verify(this.deviceEnvironmentData, verifyMacAndDecrypt2)) {
            throw new DeviceAuthenticatorException(Configuration.INVALID_ENVIRONMENT_DATA_SIGNATURE);
        }
        this.storageManager.setDeviceEnvironmentDataSignature(verifyMacAndDecrypt2);
        this.cryptoManager.save();
        Utils.putPref("deviceEnvironmentData", new String(this.deviceEnvironmentData), this.ctx, this.storageId);
        byte[] bArr = this.keyId;
        Utils.putPref("keyId", bArr != null ? Base64.encodeToString(bArr, 2) : null, this.ctx, this.storageId);
        this.state.setCurrent(State.Value.VALID);
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ byte[] getHashedMasterSecret() {
        return super.getHashedMasterSecret();
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ String getIdentity() {
        return super.getIdentity();
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ String getKeyId() {
        return super.getKeyId();
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ String getServerId() {
        return super.getServerId();
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ SessionImpl getSession() {
        return super.getSession();
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ String getStorageId() {
        return super.getStorageId();
    }

    @Override // morpho.etis.deviceauthenticator.interfaces.client.DeviceRegistration
    public DeviceRegistrationKeygenRequest initialize() throws DeviceAuthenticatorException {
        this.state.check(State.Value.INIT);
        this.cryptoManager.generateDeviceKeys();
        SP800SecureRandomHelper.nextRandomBytes(this.clientRandom);
        DeviceRegistrationKeygenRequest deviceRegistrationKeygenRequest = new DeviceRegistrationKeygenRequest();
        deviceRegistrationKeygenRequest.setIdentity(this.identity);
        deviceRegistrationKeygenRequest.setClientRandom(this.clientRandom);
        deviceRegistrationKeygenRequest.setDevicePublicKey(this.cryptoManager.retrieveDevicePublicKey().getEncoded());
        Utils.write(deviceRegistrationKeygenRequest.getIdentity().getBytes(Charsets.UTF_8), this.baos);
        Utils.write(deviceRegistrationKeygenRequest.getClientRandom(), this.baos);
        Utils.write(deviceRegistrationKeygenRequest.getDevicePublicKey(), this.baos);
        this.state.setCurrent(State.Value.PROCESS);
        return deviceRegistrationKeygenRequest;
    }

    @Override // morpho.etis.deviceauthenticator.interfaces.client.DeviceRegistration
    public DeviceRegistrationRequest process(DeviceRegistrationKeygenResponse deviceRegistrationKeygenResponse) throws DeviceAuthenticatorException {
        this.state.check(State.Value.PROCESS);
        check(deviceRegistrationKeygenResponse);
        byte[] serverRandom = deviceRegistrationKeygenResponse.getServerRandom();
        byte[] serverCertificate = deviceRegistrationKeygenResponse.getServerCertificate();
        this.cryptoManager.checkAndStoreServerCertificate(serverCertificate);
        this.keyId = this.cryptoManager.getKeyId(this.serverSupportsSHA256);
        Utils.write(serverRandom, this.baos);
        Utils.write(serverCertificate, this.baos);
        byte[] signature = deviceRegistrationKeygenResponse.getSignature();
        if (!this.cryptoManager.verify(this.baos.toByteArray(), signature)) {
            throw new DeviceAuthenticatorException("Invalid response signature");
        }
        Utils.write(signature, this.baos);
        SP800SecureRandomHelper.nextRandomBytes(this.masterSecret);
        byte[] encryptAsym = this.cryptoManager.encryptAsym(this.masterSecret);
        this.cryptoManager.generateKeys(this.masterSecret, this.clientRandom, serverRandom, this.additionalKey);
        this.hashedMasterSecret = this.cryptoManager.generateHashedMasterSecret(this.masterSecret, this.clientRandom, serverRandom);
        byte[] encryptAndMac = this.cryptoManager.encryptAndMac(this.deviceStaticId, Configuration.LABEL_DEVICE_STATIC_ID);
        byte[] encryptAndMac2 = this.cryptoManager.encryptAndMac(this.deviceEnvironmentData, Configuration.LABEL_DEVICE_ENVIRONMENT_DATA);
        DeviceRegistrationRequest deviceRegistrationRequest = new DeviceRegistrationRequest();
        deviceRegistrationRequest.setEncryptedMasterSecret(encryptAsym);
        deviceRegistrationRequest.setEncryptedDeviceStaticId(encryptAndMac);
        deviceRegistrationRequest.setEncryptedDeviceEnvironmentData(encryptAndMac2);
        Utils.write(deviceRegistrationRequest.getEncryptedMasterSecret(), this.baos);
        deviceRegistrationRequest.setSignature(this.cryptoManager.sign(this.baos.toByteArray()));
        this.state.setCurrent(State.Value.FINISH);
        return deviceRegistrationRequest;
    }

    @Override // morpho.etis.android.sdk.deviceauthenticator.client.BaseDeviceAuthenticator, morpho.etis.deviceauthenticator.interfaces.client.DeviceAuthenticator
    public /* bridge */ /* synthetic */ void setAdditionalKey(byte[] bArr) {
        super.setAdditionalKey(bArr);
    }
}
